Add RootStore

[cugu]

Add a new RootStore DataStore that uses the os.Root type introduced in Go 1.24.

This type ensures that all files accessed are only in the directory passed and protects against path traversal attacks.

Read more abount os.Root here: https://go.dev/blog/osroot

[Acconut]

Thank you for this PR! The usage of os.Root looks interesting and could definitely be helpful in some cases. However, I think that it would be better to offer this as an option in the existing filestore instead of duplicating filestore. This would avoid us having to maintain both storages, even though the appear to be practically the same.

[cugu]

Both stores are incompatible and merging them into one would result in breaking changes, as the filestore allows for absolute path, which the rootstore by design cannot support.

[Acconut]

Would it be possible to offer an option in filestore to enable the use of os.Root? Then we can avoid breaking changes and duplicating the storage.

[cugu]

I don't think this is possible without breaking changes.

The current interface of FileStore is FileStore{Path string} and we need some other field for the FileStore, e.g. FileStore{Path string, FS FS}, which would break initialization without keys like FileStore{"my/path"}

[cugu]

We probably could share quite a bit of code though between both implementations.

[Acconut]

The current interface of FileStore is FileStore{Path string} and we need some other field for the FileStore, e.g. FileStore{Path string, FS FS}, which would break initialization without keys like FileStore{"my/path"}

Good point. In that case, this might be something for the next major release, where we can introduce such changes. I'm quite hesitant to merge the PR as is because it duplicates a lot of code.

[cugu]

Okay added another way: A baseStore that is shared between FileStore and RootStore which are both just small wrappers. This offers reduced code duplication and backwards compatibility.

[Acconut]

Thank you for the updates. This seems to be going in a good direction.

[Acconut]

Can osFS be replaced by os.DirFS (https://pkg.go.dev/os#DirFS)? Then we don't have to implement the interface on our own.

[cugu]

No. os.DirFS returns a read-only fs.FS, we need writing functions like Create or Remove.

[Acconut]

I wonder if we actually have to export a RootStore. If we expose a filestore that can work with any io/fs.FS, then users just supply the corresponding file system interface for their root and use then. Makes it more flexible and less generalized.

[Acconut]

Something along these lines, which is similar to what you have proposed in this PR already:

struct FSStore {
  FS fs.FS
}

// Implementation of FSStore function omitted.

struct FileStore {
  Dir string
}

func (store FileStore) fsStore() FSStore {
  return FSStore{os.DirFS(store.Dir)}
}

func (store FileStore) NewUpload(ctx context.Context, info handler.FileInfo) (handler.Upload, error) {
	return store.fsStore().NewUpload(ctx, info)
}

[cugu]

Just noticed another minor (?) breaking change: Changing the the FileStore.Path during runtime currently works, while it will not work anymore with any of the changes suggested above.